Quantstamp Audits Curve Finance Liquidity Mining

Quantstamp Announcements
August 18, 2020

Quantstamp is happy to announce that we have finished our audit of Curve Finance’s CRV token reward mechanism and CurveDAO. 

Curve Finance is an Automated Market Maker focused on stable asset swaps. Using bonding curves optimized for stable-assets, it minimizes slippage for stablecoin and other stable-pair trades. 

“Curve Finance is a cutting edge decentralized exchange that is also exploring the cutting edge of decentralized governance,” noted Richard Ma, CEO of Quantstamp. “We are excited to help them make sure CurveDAO is secure and ready to take them to the next stage.“ 

“With CRV, we are doing governance token distribution, staking and voting in a new way,” said Michael Egorov, founder of Curve Finance. “Quantstamp worked closely with us to help make sure this new design will work in the field.”

Curve Finance

Launched in January, 2020, Curve’s user adoption has been steady. It currently has over $1B in deposits and processes over $60M of daily volume*.

Users can conduct low-slippage trades on Curve Finance, or provide liquidity to the platform for a portion of trading fees. Through integration with third party DeFi projects such as Yearn Finance, Compound, and Synthetix, liquidity providers also earn extra yield on top of trading fees. This yield comes from lending platform fees and token incentives. 

Liquidity providers can now also claim CRV, the native governance token. 

What is CRV?

CRV is a governance token for CurveDAO, an Aragon DAO that governs the Curve Finance platform. 

Unlike standard on-chain governance systems, Curve’s voting mechanism weights both time and amount staked. Users who lock up their CRV tokens longer have their vote counted more, and so do users who lock up more tokens.

Besides increased voting power, users who lock up their CRV and vote also increase their CRV reward distribution. This incentivizes governance participation.

If you wish to learn how to provide liquidity on Curve to earn CRV, or learn more about the CRV token, the Curve blog has more details. 

CRV Distribution

Curve’s CRV token has a total supply of 3.03 billion, with 62% being distributed through liquidity mining. Users who provide liquidity on Curve Finance will earn a share of these rewards. 

5% of the initial distribution will go to users who have already supplied liquidity on Curve prior to CRV’s launch. The remaining 57% will be distributed going forward. Distribution is decided through the user’s share of the liquidity on Curve, as well as their participation in CurveDAO governance. Curve’s Medium Article has more details on the distribution, staking and voting mechanics of CRV. 

Quantstamp’s audit covered the Vyper smart contracts controlling the token reward mechanism as well as the controller logic used to distribute the tokens. Three engineers, including two PhDs, looked at four Vyper smart contracts: LiquidityGauge, GaugeController, LiquidityGaugeReward, and VestingEscrow from 7-21-2020 through 8-05-2020. Issues found were communicated to Curve, fixes were implemented by them, and we issued the final report 

During the audit, a total of 11 potential issues with varying levels of severity were found: one high-severity, one medium-severity, one low-severity, one undetermined-severity, and seven informational-level findings. Additionally, several best practices recommendations were also made regarding naming, documentation, and other suggestions. Several of the issues, including all high risk issues, were addressed by the Curve team. 

The full audit report can be found on the CurveDAO site here.

*as of August 18th, 2020, according to Curve.fi statistics

About Curve

Curve is an exchange liquidity pool on Ethereum designed for extremely efficient stablecoin trading, and low risk, supplemental fee income for liquidity providers, without opportunity cost.

Curve allows users and smart contracts like 1inch, ParaSwap, Totle and DEX.AG to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.

About Quantstamp

Quantstamp is a leader in blockchain security, having performed over 140 audits and secured over $5 billion of value. Top crypto and enterprise companies including MakerDAO, Chainlink, eToro, and World Economic Forum choose Quantstamp to secure their blockchain applications. 

Quantstamp 公告
August 18, 2020

Quantstamp is happy to announce that we have finished our audit of Curve Finance’s CRV token reward mechanism and CurveDAO. 

Curve Finance is an Automated Market Maker focused on stable asset swaps. Using bonding curves optimized for stable-assets, it minimizes slippage for stablecoin and other stable-pair trades. 

“Curve Finance is a cutting edge decentralized exchange that is also exploring the cutting edge of decentralized governance,” noted Richard Ma, CEO of Quantstamp. “We are excited to help them make sure CurveDAO is secure and ready to take them to the next stage.“ 

“With CRV, we are doing governance token distribution, staking and voting in a new way,” said Michael Egorov, founder of Curve Finance. “Quantstamp worked closely with us to help make sure this new design will work in the field.”

Curve Finance

Launched in January, 2020, Curve’s user adoption has been steady. It currently has over $1B in deposits and processes over $60M of daily volume*.

Users can conduct low-slippage trades on Curve Finance, or provide liquidity to the platform for a portion of trading fees. Through integration with third party DeFi projects such as Yearn Finance, Compound, and Synthetix, liquidity providers also earn extra yield on top of trading fees. This yield comes from lending platform fees and token incentives. 

Liquidity providers can now also claim CRV, the native governance token. 

What is CRV?

CRV is a governance token for CurveDAO, an Aragon DAO that governs the Curve Finance platform. 

Unlike standard on-chain governance systems, Curve’s voting mechanism weights both time and amount staked. Users who lock up their CRV tokens longer have their vote counted more, and so do users who lock up more tokens.

Besides increased voting power, users who lock up their CRV and vote also increase their CRV reward distribution. This incentivizes governance participation.

If you wish to learn how to provide liquidity on Curve to earn CRV, or learn more about the CRV token, the Curve blog has more details. 

CRV Distribution

Curve’s CRV token has a total supply of 3.03 billion, with 62% being distributed through liquidity mining. Users who provide liquidity on Curve Finance will earn a share of these rewards. 

5% of the initial distribution will go to users who have already supplied liquidity on Curve prior to CRV’s launch. The remaining 57% will be distributed going forward. Distribution is decided through the user’s share of the liquidity on Curve, as well as their participation in CurveDAO governance. Curve’s Medium Article has more details on the distribution, staking and voting mechanics of CRV. 

Quantstamp’s audit covered the Vyper smart contracts controlling the token reward mechanism as well as the controller logic used to distribute the tokens. Three engineers, including two PhDs, looked at four Vyper smart contracts: LiquidityGauge, GaugeController, LiquidityGaugeReward, and VestingEscrow from 7-21-2020 through 8-05-2020. Issues found were communicated to Curve, fixes were implemented by them, and we issued the final report 

During the audit, a total of 11 potential issues with varying levels of severity were found: one high-severity, one medium-severity, one low-severity, one undetermined-severity, and seven informational-level findings. Additionally, several best practices recommendations were also made regarding naming, documentation, and other suggestions. Several of the issues, including all high risk issues, were addressed by the Curve team. 

The full audit report can be found on the CurveDAO site here.

*as of August 18th, 2020, according to Curve.fi statistics

About Curve

Curve is an exchange liquidity pool on Ethereum designed for extremely efficient stablecoin trading, and low risk, supplemental fee income for liquidity providers, without opportunity cost.

Curve allows users and smart contracts like 1inch, ParaSwap, Totle and DEX.AG to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.

关于况思探

Quantstamp is a leader in blockchain security, having performed over 140 audits and secured over $5 billion of value. Top crypto and enterprise companies including MakerDAO, Chainlink, eToro, and World Economic Forum choose Quantstamp to secure their blockchain applications. 

Leading DeFi Projects Get Quantstamp Audits
了解更多
September 2, 2020

Quantstamp Community Update - August 2020

DeFi hacks, Layer 1 audits, and more media coverage. Here’s what happened at Quantstamp in August.

September 1, 2020

Quantstamp Audits Layer 1 Blockchains

Apart from securing the applications that run on blockchain platforms, we also offer security services for base layer protocols. Our experience with base layer protocols includes ETH2, Avalanche, and Cardano.

August 28, 2020

Quantstamp Helps Secure IDEX 2.0

Quantstamp, a leading blockchain security company, has finished its audit of IDEX 2.0, a new, higher performance update to popular decentralized exchange IDEX. Security is one of the main issues holding back Decentralized Finance, so we’re happy to be helping IDEX scale to the next stage of their growth by auditing their latest platform.

August 27, 2020

The Stablecoins Driving Blockchain Adoption

2020 has been a milestone year for stablecoins. Learn more about some of the stablecoins Quantstamp has secured that are changing the future of our financial system.